Microsoft's Pain in Spain Lies Mainly in Secure Boot

"I can understand the frustration of those who feel that this is Microsoft's 'latest way of locking Linux out,' yet I really wonder if this is what Microsoft and the OEMs are attempting to do," said Google+ blogger Brett Legree. "I mean, if I were Microsoft, I'd be a little more worried about Linux eating my lunch in the server space ... and mobile space."

By Katherine Noyes
04/01/13 5:00 AM PT

It's not exactly any secret that Microsoft has had its fair share of legal troubles over the years, many of them arising from its pesky little habit of finding ways to
shut the door on competitors.

So when Secure Boot came along in Windows 8, many considered it just a matter of time before a
formal complaint was made.

Sure enough, though it took perhaps longer than one might have expected, just such a complaint
was finally filed last week by Hispalinux, a Spanish group of 8,000 Linux users and developers, charging that Secure Boot is nothing more than an "obstruction mechanism."

'How About a Better Solution?'

Linux Girl was comfortably ensconced on her favorite barstool down at the blogosphere's Broken Windows Lounge when the news broke on Tuesday.

Let's just say there was no more peace to be had after that.

Linux bloggers fairly tripped over themselves with excitement on
PCWorld, on
Slashdot and beyond, generating a din that could be heard throughout the Linux blogosphere and its surrounding territories. Linux Girl jumped to attention and began taking down as much as she could.

"'Secure boot' does not prevent viruses from writing to the (pre)bootloader, it just notices if it has happened," noted Slashdot blogger jhol13, for example. "Then the 'notification' or 'failure mode' is DoS, your computer won't boot. I'd rather boot with a virus than not boot.

"How about a better solution, something that *prevents* viruses from writing over the prebootloader?" jhol13 added. "Something which will not brick your computer at an important meeting?"

'I Say Yea to the Group in Spain'

Indeed, "I would like to see something radical happen which promotes actual technological innovation and hinders all this IP bulls**t," wrote Anonymous Coward. "If you want to make money you will actually need to produce good products, not create all these ugly 'services' and lock-in mechanisms. The only purpose of them is to NOT have to innovate but make money anyway."

And again: "It's pretty clear that this whole secure boot thing is a Microsoft invention to prevent loading competitive operating systems," wrote cfnordstrom on PCWorld. "I say 'yea' to the group in Spain that filed the complaint and wish we could get something like that going in North America.

"When I buy hardware, it's my hardware, I should not have to get permission (in the form of a security cert) from Microsoft to change the O/S on my hardware," cfnordstrom added. "Somebody needs to stand up to Microsoft and just say 'no.'"

'It's About Time'

Down at the broken Windows Lounge, similar thoughts could be heard.

"It's about time,"
Linux Rants blogger Mike Stone told Linux Girl. "Seriously. When this whole Secure Boot debacle started, I was literally shocked that I didn't see this kind of response immediately.

"Instead, I saw the list of people kowtowing to Microsoft's demands growing with hardly a squeak," Stone recalled. "I couldn't believe my eyes. It was as if Microsoft sent out a memo to OEMs saying 'Make it harder for people to use anything other than Windows.' The OEMs answer back, 'How high?' and Linux companies' only answer was, 'The mighty has spoken!'"

In fact, "I thought for a second I was living in a version of Microsoft Matrix running on Windows ME, and I was just waiting for the BSOD," he quipped.

Bottom line: "I have nothing but respect for Hispalinux with this move," Stone concluded. "I'm just concerned that someone else hasn't done this already. Many, many someone elses."

'Hundreds of Millions of Crippled PCs'

Indeed, "the EU anti-competition complaint against M$ is long overdue," agreed blogger
Robert Pogson. "It should have been brought the instant M$ and 'partners' sprung it open.

"UEFI and 'secure boot' are not terrible ideas, but letting M$, a convicted serial anti-competition violator, manage the keys to the PC kingdom is insane," Pogson explained. "One does not let serial child molesters operate schools for kids."

Pogson expects the EU to take a few months to gather information and form a conclusion, he told Linux Girl.

"In the meantime, Earth has been polluted with hundreds of millions of crippled PCs," he pointed out. "M$ should be required to pay a fine and restitution for the reduced market value of those PCs."

In fact, "I would encourage OEMs to join in the complaint, because M$ had them take the risks and lose badly on '8,' partly because it was a bad product and partly because no one wanted the new GUI nor the 'secure booting.'"

'A Mountain of Problems'

And again: "The problem with Secure Boot is not Secure Boot itself," opined Google+ blogger Kevin O'Brien. "That could be done in a way that helps everyone.

"The real problem is that Microsoft is controlling the implementation, and doing so in a way that privileges their OS over all others," O'Brien explained. "That makes the Spanish complaint perfectly valid."

Secure Boot is "a mountain of problems, starting with the NIH rejection of already-created superior (and easier to implement) technologies that could have replaced the PC BIOS, to the fact that Microsoft decided to do the master key signing themselves rather than pass that function to a more qualified third party," consultant and Slashdot blogger Gerhard Mack concurred.

"My best guess is that compatibility was a last minute afterthought when Microsoft planned the whole thing out, so I really hope the EU slaps them for it," Mack added.

"It's certainly well past time for a formal complaint, but that really is the problem: it's *well past* time,"
Hyperlogos blogger Martin Espinoza pointed out. "Secure Boot is now a fact, as it is in the hands of users. Is it really feasible to change the situation now?"

'Logical and Workable'

Google+ blogger Brett Legree has "spent some time reading Matthew Garrett's writing on [Secure Boot], and I have studied the workarounds," he told Linux Girl. "To be honest, it seems logical and workable to me.

"At the same time, I know a lot of people who see it as an ideological issue with respect to personal freedoms," Legree added.

"I can understand the frustration of those who feel that this is Microsoft's 'latest way of locking Linux out,' yet I really wonder if this is what Microsoft and the OEMs are attempting to do," he offered. "I mean, if I were Microsoft, I'd be a little more worried about Linux eating my lunch in the server space (which it has via Red Hat et al.) and mobile space (which it has BIG TIME -- hello, Android the Linux-based operating system)."

Besides, Microsoft "knows full well that the desktop and laptop market for a lot of their clients has been whisked away from them via Android and iOS devices, so at least in a way Linux (Android) has won there, even if many people don't see it that way," Legree added.

In any case, "if you're wanting to run Linux on a standard desktop or laptop and not worry about Secure Boot, shop around, vote with your dollars, build your own systems, explore different architectures like ARM, buy from Linux OEMs -- they're out there," he concluded. "And hey, write letters to your politicians -- you've got nothing to lose!"

'Tyranny From the Minority'

The Free Software Foundation has stated that "they want computer manufacturers to implement Secure Boot so that it can be disabled," noted Robin Lim, a lawyer and blogger on
Mobile Raptor.

"This would allow a user to install Linux," he added. "What the FSF is against is 'Restricted Boot,' which is how it defines a computer without the ability to disable Secure Boot. This appears to be a reasonable enough request which would not entail substantial manufacturing costs."

The FSF's position on the matter is "reasonable," Lim opined. "Why disable a security system in one PC ecosystem to accommodate another? And at the behest of 8,000 users and developers?"

Hispalinux's position is really "tyranny from the minority," he concluded. "Hispalinux is trying to force software freedom down your throats whether you like it or not on the theory that Microsoft bullying has kept Linux at bay."

The reality, however, is that "the new generation of devices are marketed and sold as tightly woven hardware, operating system and software environments," Lim added. "Consumers have taken to this. Scaring people about the loss of their software Freedom does not work."

'Just Let the Thing Die'

Last but not least, Slashdot blogger hairyfeet couldn't understand the reason for all the fuss.

"Anybody cares....why exactly?" hairyfeet asked. "Windows 8 is a flop, Secure Boot requires Windows 8, so what is the problem?

"Heck, the only one Windows 8 has been good for is the shops that get to get paid to wipe it for Win 7," he added. "The OEMs have already said 'it's a bomb,' and since the vast majority of PCs are being sold with Secure Boot unlocked or not even on it in the first place, who cares?"

In other words, "Secure Boot along with the rest of Win 8 is a flop -- even the pirates don't want it," hairyfeet concluded. "Just let the thing die already."

Katherine Noyes has been writing from behind Linux Girl's cape since late 2007, but she knows how to be a reporter in real life, too. She's particularly interested in space, science, open source software and geeky things in general. You can also
find her on Twitter and
Google+.